Vodia News: Diffie-Hellman LogJam

Date: 5/21/2015

As some of you might know, the Vodia PBX is using its own TLS implementation. When the PBX was started in 2005, security was already a core design consideration that required our own implementation of crypto algorithms.

That being said, we watch the news that pops up every couple of months about security problems on the Internet. The latest is about Diffie-Hellman.

What happens is that, while the client and server are negotiating which algorithm to use for encryption, someone gets in the middle of the not yet encrypted connection, takes the secure variants of DH out and replaces them with less secure variants, which are then presented to the server. The server sees only a limited choice of available algorithms and picks the most secure one (or not); either way, it ends up with an insecure algorithm. When the response is sent back, the man in the middle patches the message back, so that the client has no idea that the weak algorithm has been chosen.

There are two scenarios in which the PBX could be compromised: when a client, for example a VoIP phone, registers to the server; or when the PBX is the client and wants to send something out, for example an email.

Most other servers use OpenSSL, which offers a wide range of algorithms, and most of those servers offer as many algorithms as possible so that the connection succeeds most of the time. Luckily, at the time when we implemented TLS, we had no time to include DH. The PBX simply does not have that algorithm. I am not sure if it was by design that this potentially weak algorithm was not included; I would say it was not included because we only wanted to get the core TLS working with the relevant ciphers and that's it. When a client tries to connect using weak DH, the PBX will simply not be able to connect to that client. There will be no registration, and there will be no phone calls. And when the PBX wants to send an email using a secure connection and someone gets in the middle and tries to negotiate the connection down, the email will not go out.

So if your VoIP phone does not register to the PBX when using the TLS transport layer, well, you might be under attack.
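The negotiation described above, as an added example that is not Vodia's code: a server that still enables an export-grade DH suite is compared with one that has no DH suites, each given an untouched and a tampered offer. The suite names are standard TLS identifiers; the preference lists, the offers and the function names are assumptions made up for the illustration.

```python
# Added illustration. Suite names are real TLS identifiers; the preference
# lists and offers are constructed and are not Vodia's actual configuration.
EXPORT_DHE = "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"
STRONG_DHE = "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"
RSA_AES128 = "TLS_RSA_WITH_AES_128_CBC_SHA"
RSA_AES256 = "TLS_RSA_WITH_AES_256_CBC_SHA"

# Server preference order, most preferred first.
PERMISSIVE_SERVER = [STRONG_DHE, RSA_AES256, RSA_AES128, EXPORT_DHE]
NO_DH_SERVER = [RSA_AES256, RSA_AES128]

# What the client sent, and what the server receives once an on-path
# rewrite has left it "a limited choice" (constructed samples).
CLIENT_OFFER = [STRONG_DHE, RSA_AES256, RSA_AES128]
TAMPERED_OFFER = [EXPORT_DHE]


def is_weak(suite):
    """Export-grade suites use deliberately weakened key exchange and ciphers."""
    return "_EXPORT_" in suite


def negotiate(server_prefs, offered):
    """Return (suite, note); suite is None when the handshake must fail."""
    for suite in server_prefs:
        if suite in offered:
            note = "WEAK: export-grade suite selected" if is_weak(suite) else "ok"
            return suite, note
    # Fail closed. An offer made up only of export suites is reported
    # separately so that it stands out in the server log.
    if offered and all(is_weak(s) for s in offered):
        return None, "handshake_failure: only export-grade suites offered"
    return None, "handshake_failure: no shared suite"


def audit(server_prefs):
    """List the weak suites a server configuration would accept."""
    return [s for s in server_prefs if is_weak(s)]


if __name__ == "__main__":
    for name, prefs in (("permissive", PERMISSIVE_SERVER), ("no-DH", NO_DH_SERVER)):
        for label, offer in (("untouched", CLIENT_OFFER), ("tampered", TAMPERED_OFFER)):
            print(name, label, negotiate(prefs, offer))
        print(name, "weak suites enabled:", audit(prefs))
```

The permissive server completes the handshake on the weak suite, while the server without DH suites refuses it, which is the failed registration or unsent email the article describes.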

In the past we did have cases where we simply could not explain why TLS connections just did not work. We might know now why. I hope those customers who got angry will now understand that it wasn't all our fault.